VARIoT IoT vulnerabilities database
| VAR-202107-1646 | CVE-2021-27493 | Philips Vue PACS Injection vulnerability |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
Philips Vue PACS versions 12.2.x.x and prior do not ensure or incorrectly ensure structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstream component. Philips Vue PACS is vulnerable to injection. Information may be obtained and tampered with.
| VAR-202107-1645 | CVE-2021-33022 | Philips Vue PACS Vulnerability in plaintext transmission of important information in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Philips Vue PACS versions 12.2.x.x and prior transmit sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. Philips Vue PACS contains a vulnerability in the cleartext transmission of important information. Information may be obtained.
| VAR-202107-1644 | CVE-2021-33024 | Philips Vue PACS Vulnerability regarding inadequate protection of credentials in |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Philips Vue PACS versions 12.2.x.x and prior transmit or store authentication credentials, but use an insecure method susceptible to unauthorized interception and/or retrieval. An inadequate protection of credentials vulnerability exists in Philips Vue PACS. Information may be obtained.
| VAR-202107-1926 | No CVE | (0Day) Advantech WebAccess Node BwFreRPT Stack-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwFreRPT.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current user.
| VAR-202107-1927 | No CVE | (0Day) Advantech WebAccess Node BwImgExe Stack-based Buffer Overflow Remote Code Execution Vulnerability |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwImgExe.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current user.
| VAR-202107-1793 | No CVE | Weak Password Vulnerability in China Mobile Enterprise Gateway |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
China Mobile Enterprise Gateway is gateway management software that can be used to configure Wi-Fi settings and view detailed status.
The China Mobile Enterprise Gateway has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202107-1683 | CVE-2021-22434 | Buffer error vulnerability in multiple Huawei products |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202107-1682 | CVE-2021-22433 | Buffer error vulnerability in multiple Huawei products |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202107-1681 | CVE-2021-22431 | Buffer error vulnerability in multiple Huawei products |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202107-1680 | CVE-2021-22430 | Vulnerabilities in multiple Huawei products |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection. An unspecified vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202107-1679 | CVE-2021-22426 | Buffer error vulnerability in multiple Huawei products |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202107-1678 | CVE-2021-22432 | Buffer error vulnerability in multiple Huawei products |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
| VAR-202107-1677 | CVE-2021-22429 | Buffer error vulnerability in multiple Huawei products |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. A buffer error vulnerability exists in EMUI, HarmonyOS, and Magic UI. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Huawei Buffer Overflow in BootROM USB Stack. Affected devices are Huawei Mate 30 Pro (LIO), Huawei P40 Pro (ELS), Huawei P40 (ANA), Huawei Nova 5T (YAL).
| VAR-202107-1672 | CVE-2021-3618 | Certificate verification vulnerability in F5 Networks nginx and products of multiple vendors |
CVSS V2: 5.8 CVSS V3: 7.4 Severity: HIGH |
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to the victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS, and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. F5 Networks nginx and products from other vendors contain a vulnerability related to certificate validation. Information may be obtained and tampered with. (CVE-2020-11724).
==========================================================================
Ubuntu Security Notice USN-5371-2
April 28, 2022
nginx vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
nginx could be made to redirect network traffic.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details:
USN-5371-1 fixed several vulnerabilities in nginx.
This update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS.
Original advisory details:
It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to perform an HTTP Request
Smuggling attack. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-11724)
It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to disclose sensitive
information. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-36309)
It was discovered that nginx mishandled the use of
compatible certificates among multiple encryption protocols.
(CVE-2021-3618)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS:
nginx-core 1.18.0-6ubuntu14.1
nginx-extras 1.18.0-6ubuntu14.1
nginx-light 1.18.0-6ubuntu14.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5371-2
https://ubuntu.com/security/notices/USN-5371-1
CVE-2021-3618
Package Information:
https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.1
| VAR-202107-1791 | No CVE | Prolink Technology Co., Ltd. TL-WPA7510 has a weak password vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
TL-WPA7510 is a router device of Prolink Technology Co., Ltd.
Universal Technology Co., Ltd. TL-WPA7510 has a weak password vulnerability, which can be exploited by attackers to obtain sensitive information.
| VAR-202202-1183 | CVE-2022-0365 | OS command injection vulnerability in Ricon Mobile Industrial Cellular Router |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user. The Industrial Cellular Router provided by Ricon Mobile is a mobile network router. Powerful 64-bit processor and integrated real-time operating system specially developed by Ricon Mobile. S9922XL is widely used in many areas such as intelligent transportation, SCADA, POS, industrial automation, telemetry, finance, environmental protection. The router suffers from an authenticated OS command injection vulnerability. Also vulnerable to Heartbleed. Tested on: GNU/Linux 2.6.36 (mips) WEB-ROUTER
| VAR-202107-1784 | No CVE | Ruijie Networks RG-NBS series has logic flaws and vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Ruijie Networks is a professional network manufacturer with a full range of network equipment product lines and solutions including switches, routers, software, security firewalls, wireless products, storage, etc.
Ruijie Networks RG-NBS series has a logic flaw vulnerability. Attackers can use the vulnerability to bypass authentication and access internal resources.
| VAR-202107-1896 | No CVE | Shandong Kede Electronics Co., Ltd. has an information disclosure vulnerability in the IoT smart water meter monitoring platform |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Shandong Kede Electronics Co., Ltd. is a national high-tech enterprise integrating product research and development, production, sales, and teaching practice.
Shandong Kede Electronics Co., Ltd. has an information disclosure vulnerability in the IoT smart water meter monitoring platform. Attackers can use the vulnerability to obtain sensitive information.
| VAR-202107-1897 | No CVE | Shandong Kede Electronics Co., Ltd. has logic flaws and loopholes in the IoT smart water meter supervision platform |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Shandong Kede Electronics Co., Ltd. is a national high-tech enterprise and a national high-tech zone gazelle enterprise integrating product development, production, sales, and teaching practice.
Shandong Kede Electronics Co., Ltd. has a logic flaw vulnerability in the IoT smart water meter supervision platform. Attackers can use the vulnerability to obtain administrator cookies through brute forcing.
| VAR-202107-1908 | No CVE | H3C SecPath ACG1000 has an arbitrary file reading vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
H3C SecPath ACG1000 is a new generation application control gateway.
H3C SecPath ACG1000 has an arbitrary file reading vulnerability. Attackers can use the vulnerability to read arbitrary files.